dongfangyuxiao/BurpExtend

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/dongfangyuxiao/BurpExtend)

dongfangyuxiao / BurpExtend

基于Burp插件开发打造渗透测试自动化

☆422

Alternatives and similar repositories for BurpExtend

Users that are interested in BurpExtend are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

c0ny1 / passive-scan-client
View on GitHub
Burp被动扫描流量转发插件
☆1,459Jun 17, 2024Updated last year
bit4woo / domain_hunter_pro
View on GitHub
domain_hunter的高级版本，SRC挖洞、HW打点之必备！自动化资产收集；快速Title获取；外部工具联动；等等
☆2,123Apr 10, 2026Updated last week
SkewwG / BurpExtender
View on GitHub
Burp suite 的插件集合
☆241Mar 13, 2021Updated 5 years ago
Echocipher / AUTO-EARN
View on GitHub
一个利用OneForAll进行子域收集、Shodan API端口扫描、Xray漏洞Fuzz、Server酱的自动化漏洞扫描、即时通知提醒的漏洞挖掘辅助工具
☆739Dec 8, 2022Updated 3 years ago
r0eXpeR / redteam_vul
View on GitHub
红队作战中比较常遇到的一些重点系统漏洞整理。
☆2,522Jul 17, 2021Updated 4 years ago
Wordpress hosting with auto-scaling - Free Trial • Ad
Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
bit4woo / burp-api-drops
View on GitHub
burp插件开发指南
☆620Aug 8, 2021Updated 4 years ago
LangziFun / LangSrcCurise
View on GitHub
SRC子域名资产监控
☆1,298Jan 14, 2021Updated 5 years ago
chriskaliX / AD-Pentest-Notes
View on GitHub
用于记录内网渗透(域渗透)学习 :-)
☆1,240Nov 9, 2020Updated 5 years ago
1120362990 / vulnerability-list
View on GitHub
在渗透测试中快速检测常见中间件、组件的高危漏洞。
☆728Mar 21, 2022Updated 4 years ago
zongdeiqianxing / Autoscanner
View on GitHub
输入域名>爆破子域名>扫描子域名端口>发现扫描web服务>集成报告的全流程全自动扫描器。集成oneforall、masscan、nmap、dirsearch、crawlergo、xray等工具，另支持cdn识别、网页截图、站点定位；动态识别域名并添加功能、工具超时中断等
☆811Mar 13, 2024Updated 2 years ago
awake1t / PortBrute
View on GitHub
一款跨平台小巧的端口爆破工具，支持爆破FTP/SSH/SMB/MSSQL/MYSQL/POSTGRESQL/MONGOD / A cross-platform compact port blasting tool that supports blasting FTP/SSH…
☆1,111Oct 9, 2021Updated 4 years ago
fofapro / Hosts_scan
View on GitHub
这是一个用于IP和域名碰撞匹配访问的小工具，旨意用来匹配出渗透过程中需要绑定hosts才能访问的弱主机或内部系统。
☆1,194Apr 30, 2019Updated 6 years ago
wyzxxz / jndi_tool
View on GitHub
JNDI服务利用工具 RMI/LDAP，支持部分场景回显、内存shell，高版本JDK场景下利用等，fastjson rce命令执行，log4j rce命令执行漏洞检测辅助工具
☆2,017May 21, 2024Updated last year
ggg4566 / BurpBountyPlus
View on GitHub
BurpBounty 魔改版本
☆418Mar 21, 2022Updated 4 years ago
Serverless GPU API endpoints on Runpod - Bonus Credits • Ad
Skip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
inbug-team / InScan
View on GitHub
边界打点后的自动化渗透工具
☆1,894Jul 19, 2021Updated 4 years ago
SummerSec / JavaLearnVulnerability
View on GitHub
Java漏洞学习笔记 Deserialization Vulnerability
☆944Jun 14, 2023Updated 2 years ago
c0ny1 / chunked-coding-converter
View on GitHub
Burp suite 分块传输辅助插件
☆2,031Feb 23, 2022Updated 4 years ago
CTF-MissFeng / GoScan
View on GitHub
GoScan是采用Golang语言编写的一款分布式综合资产管理系统，适合红队、SRC等使用
☆716May 6, 2021Updated 4 years ago
exp1orer / JNDI-Inject-Exploit
View on GitHub
解决FastJson、Jackson、Log4j2、原生JNDI注入漏洞的高版本JDKBypass利用，探测本地可用反序列化gadget达到命令执行、回显命令执行、内存马注入
☆775Jan 26, 2022Updated 4 years ago
safe6Sec / PentestDB
View on GitHub
各种数据库的利用姿势
☆1,034Jan 3, 2025Updated last year
p1g3 / JSINFO-SCAN
View on GitHub
递归式寻找域名和api。
☆724Aug 3, 2023Updated 2 years ago
pmiaowu / BurpFastJsonScan
View on GitHub
一款基于BurpSuite的被动式FastJson检测插件
☆1,242Oct 1, 2022Updated 3 years ago
SPuerBRead / Bridge
View on GitHub
无回显漏洞测试辅助平台，平台使用Java编写，提供DNSLOG，HTTPLOG等功能，辅助渗透测试过程中无回显漏洞及SSRF等漏洞的验证和利用。
☆404Dec 21, 2025Updated 3 months ago
AI Agents on DigitalOcean Gradient AI Platform • Ad
Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
wgpsec / AboutSecurity
View on GitHub
Everything for pentest. | 用于渗透测试的 payload 和 bypass 字典.
☆1,122Updated this week
r0eXpeR / fingerprint
View on GitHub
各种工具指纹收集分享
☆529Nov 3, 2021Updated 4 years ago
woodpecker-framework / woodpecker-framework-release
View on GitHub
高危漏洞精准检测与深度利用框架
☆1,461Jan 8, 2023Updated 3 years ago
Adminisme / ServerScan
View on GitHub
ServerScan一款使用Golang开发的高并发网络扫描、服务探测工具。
☆1,637Jun 16, 2024Updated last year
pmiaowu / BurpShiroPassiveScan
View on GitHub
一款基于BurpSuite的被动式shiro检测插件
☆1,798Dec 14, 2022Updated 3 years ago
metaStor / SpringScan
View on GitHub
SpringScan 漏洞检测 Burp插件
☆607Nov 14, 2023Updated 2 years ago
Ares-X / shiro-exploit
View on GitHub
Shiro反序列化利用工具，支持新版本(AES-GCM)Shiro的key爆破，配合ysoserial，生成回显Payload
☆896May 28, 2021Updated 4 years ago
wyzxxz / shiro_rce_tool
View on GitHub
shiro 反序列命令执行辅助检测工具
☆1,573May 21, 2024Updated last year
c0ny1 / FastjsonExploit
View on GitHub
Fastjson vulnerability quickly exploits the framework（fastjson漏洞快速利用框架）
☆1,392Dec 16, 2022Updated 3 years ago
1-Click AI Models by DigitalOcean Gradient • Ad
Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
feihong-cs / Java-Rce-Echo
View on GitHub
Java RCE 回显测试代码
☆1,017Oct 15, 2020Updated 5 years ago
w-digital-scanner / w13scan
View on GitHub
Passive Security Scanner (被动式安全扫描器)
☆1,948Feb 8, 2023Updated 3 years ago
feihong-cs / ShiroExploit-Deprecated
View on GitHub
Shiro550/Shiro721 一键化利用工具，支持多种回显方式
☆1,957Jun 4, 2021Updated 4 years ago
CTF-MissFeng / bayonet
View on GitHub
bayonet是一款src资产管理系统，从子域名、端口服务、漏洞、爬虫等一体化的资产管理系统
☆1,514Nov 22, 2022Updated 3 years ago
bigsizeme / shiro-check
View on GitHub
Shiro反序列化回显利用、内存shell、检查 Burp插件
☆217Sep 1, 2022Updated 3 years ago
LandGrey / domainNamePredictor
View on GitHub
一个简单的现代化公司域名使用规律预测及生成工具
☆389Feb 24, 2022Updated 4 years ago
timwhitez / crawlergo_x_XRAY
View on GitHub
360/0Kee-Team/crawlergo动态爬虫结合长亭XRAY扫描器的被动扫描功能
☆1,184Nov 10, 2021Updated 4 years ago